One of my earliest blogs was about security and I made a point of deterring people from going to websites other than the big name, well known sites. I was a little surprised that I didn’t get many emails telling me that I was being overcautious. I did get one message pointing out that a large part of the value of surfing the net is finding new sites with new information. I agree. Is that contradictory?
I’m guilty of doing exactly what I said shouldn’t be done. When I search for information I frequently click on links to sites that I’ve never been to belonging to companies I’ve never heard of. I’m not immune to malware, but I do have a few tricks and tools up my sleeve to help make sure I’m protected. The first and most important tool is education. I’ve spent a great deal of time since I started this career learning about the methods that hackers use to attack computers. This knowledge has helped me to develop habits that make me a less likely target for hackers. While I believe that nothing will completely protect someone from malware and security breaches, I’ll share some tricks and tips that will certainly help.
First of all, any computer connected to the Internet should be fully patched and protected by firewalls. Yes, that was plural. Data travels between computers and the Internet in two directions. Home and small business routers by default block all traffic coming in, but allow all traffic outbound. They can typically be changed to block all but the necessary outbound traffic, but this requires quite a bit of knowledge and management to implement and maintain. For outbound traffic, I recommend a personal firewall such as the firewall built into recent versions of Microsoft Windows. This firewall will typically prompt you if a port or program is blocked so that you can consent to allowing access. If you don’t know what’s asking for access it’s best to say no. My experience is mainly with Microsoft products, but patching applies to every operating system available today. For Microsoft Windows, I recommend turning on automatic updates and checking to make sure that updates have been applied at least once a month. Of course all computers should have up to date antivirus software installed as well.
Once you have this basic protection in place you’re ready to open a web browser. If you’re searching for information there are many search engines available. I like Google, but feel that it’s a personal preference, not because of any technological advantage. When you get your results, look at the URL that is linked. Most North American domains have a .com, .net, .org or .ca although there are some other new ones gaining popularity. Phishing and hacking sites are often hosted in countries where law enforcement is not as likely to catch them, so unless you’re looking for something specifically in China, avoid domains ending with .cn for example. Once you’ve clicked the link, if you see a lot of pop-ups or the page is not what you expected; leave. Close your browser and any pop-ups. It may already be too late, but there is a chance that you’ve been quick enough to avoid a “drive by download”.
The Internet is a wonderful tool, but like anything popular it attracts people who hope to profit from people who don’t know how to protect themselves. If you leave your purse on your car seat and your windows down, chances are that it will be stolen. Basic protection will help avoid the majority of threats.